Export limit exceeded: 364156 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0329 1 Microsoft 4 Ie, Internet Explorer, Outlook and 1 more 2026-04-16 N/A
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
CVE-2002-0006 2 Redhat, Xchat 2 Linux, Xchat 2026-04-16 N/A
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
CVE-2000-0338 1 Concurrent Versions Software Project 1 Concurrent Versions Software 2026-04-16 5.5 Medium
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
CVE-2000-0346 1 Apple 1 Appleshare 2026-04-16 N/A
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server.
CVE-2002-0007 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.
CVE-2000-0347 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
CVE-2000-0353 1 University Of Washington 1 Pine 2026-04-16 N/A
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.
CVE-2000-0367 1 Michael Jennings 1 Eterm 2026-04-16 N/A
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
CVE-2000-0368 1 Cisco 1 Ios 2026-04-16 N/A
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
CVE-2002-0008 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.
CVE-2000-0373 1 Kde 1 Kvt 2026-04-16 N/A
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
CVE-2000-0374 1 Caldera 1 Openlinux 2026-04-16 N/A
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
CVE-2000-0375 1 Freebsd 1 Freebsd 2026-04-16 N/A
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
CVE-2000-0376 1 I-drive 1 Filo 2026-04-16 N/A
Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request.
CVE-2000-0377 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
CVE-2000-0378 1 Redhat 1 Linux 2026-04-16 N/A
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
CVE-2000-0379 1 Netopia 1 R-series Routers 2026-04-16 N/A
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
CVE-2000-0380 1 Cisco 1 Ios 2026-04-16 N/A
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
CVE-2000-0381 1 Gossamer Threads 1 Dbman 2026-04-16 N/A
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
CVE-2000-0382 1 Allaire 1 Clustercats 2026-04-16 N/A
ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site.